зеркало из https://github.com/mozilla/gecko-dev.git
Bug 1304919 - PSM changes to support TLS 1.3 key exchange, r=mt
MozReview-Commit-ID: 1GMk8PajbHj --HG-- extra : rebase_source : 3a5ee2f04595b54fc50b84b8e9c4196f31adb1f0 extra : source : b54d608edfa874dfd3d8305e771490a4b25cf641
This commit is contained in:
Родитель
eb1023f573
Коммит
bf2bd2813c
|
@ -853,7 +853,7 @@ PreliminaryHandshakeDone(PRFileDesc* fd)
|
|||
status->mHaveCipherSuiteAndProtocol = true;
|
||||
status->mCipherSuite = channelInfo.cipherSuite;
|
||||
status->mProtocolVersion = channelInfo.protocolVersion & 0xFF;
|
||||
infoObject->SetKEAUsed(cipherInfo.keaType);
|
||||
infoObject->SetKEAUsed(channelInfo.keaType);
|
||||
infoObject->SetKEAKeyBits(channelInfo.keaKeyBits);
|
||||
infoObject->SetMACAlgorithmUsed(cipherInfo.macAlgorithm);
|
||||
}
|
||||
|
@ -922,7 +922,7 @@ CanFalseStartCallback(PRFileDesc* fd, void* client_data, PRBool *canFalseStart)
|
|||
sizeof (cipherInfo)) != SECSuccess) {
|
||||
MOZ_LOG(gPIPNSSLog, LogLevel::Debug, ("CanFalseStartCallback [%p] failed - "
|
||||
" KEA %d\n", fd,
|
||||
static_cast<int32_t>(cipherInfo.keaType)));
|
||||
static_cast<int32_t>(channelInfo.keaType)));
|
||||
return SECSuccess;
|
||||
}
|
||||
|
||||
|
@ -938,10 +938,10 @@ CanFalseStartCallback(PRFileDesc* fd, void* client_data, PRBool *canFalseStart)
|
|||
}
|
||||
|
||||
// See bug 952863 for why ECDHE is allowed, but DHE (and RSA) are not.
|
||||
if (cipherInfo.keaType != ssl_kea_ecdh) {
|
||||
if (channelInfo.keaType != ssl_kea_ecdh) {
|
||||
MOZ_LOG(gPIPNSSLog, LogLevel::Debug, ("CanFalseStartCallback [%p] failed - "
|
||||
"unsupported KEA %d\n", fd,
|
||||
static_cast<int32_t>(cipherInfo.keaType)));
|
||||
static_cast<int32_t>(channelInfo.keaType)));
|
||||
reasonsForNotFalseStarting |= KEA_NOT_SUPPORTED;
|
||||
}
|
||||
|
||||
|
@ -1071,9 +1071,9 @@ AccumulateCipherSuite(Telemetry::ID probe, const SSLChannelInfo& channelInfo)
|
|||
case TLS_RSA_WITH_RC4_128_SHA: value = 68; break;
|
||||
case TLS_RSA_WITH_RC4_128_MD5: value = 69; break;
|
||||
// TLS 1.3 PSK resumption
|
||||
case TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256: value = 70; break;
|
||||
case TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256: value = 71; break;
|
||||
case TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384: value = 72; break;
|
||||
case TLS_AES_128_GCM_SHA256: value = 70; break;
|
||||
case TLS_CHACHA20_POLY1305_SHA256: value = 71; break;
|
||||
case TLS_AES_256_GCM_SHA384: value = 72; break;
|
||||
// unknown
|
||||
default:
|
||||
value = 0;
|
||||
|
@ -1129,19 +1129,19 @@ void HandshakeCallback(PRFileDesc* fd, void* client_data) {
|
|||
sizeof cipherInfo);
|
||||
MOZ_ASSERT(rv == SECSuccess);
|
||||
if (rv == SECSuccess) {
|
||||
usesFallbackCipher = cipherInfo.keaType == ssl_kea_dh;
|
||||
usesFallbackCipher = channelInfo.keaType == ssl_kea_dh;
|
||||
|
||||
// keyExchange null=0, rsa=1, dh=2, fortezza=3, ecdh=4
|
||||
Telemetry::Accumulate(
|
||||
infoObject->IsFullHandshake()
|
||||
? Telemetry::SSL_KEY_EXCHANGE_ALGORITHM_FULL
|
||||
: Telemetry::SSL_KEY_EXCHANGE_ALGORITHM_RESUMED,
|
||||
cipherInfo.keaType);
|
||||
channelInfo.keaType);
|
||||
|
||||
MOZ_ASSERT(infoObject->GetKEAUsed() == cipherInfo.keaType);
|
||||
MOZ_ASSERT(infoObject->GetKEAUsed() == channelInfo.keaType);
|
||||
|
||||
if (infoObject->IsFullHandshake()) {
|
||||
switch (cipherInfo.keaType) {
|
||||
switch (channelInfo.keaType) {
|
||||
case ssl_kea_rsa:
|
||||
AccumulateNonECCKeySize(Telemetry::SSL_KEA_RSA_KEY_SIZE_FULL,
|
||||
channelInfo.keaKeyBits);
|
||||
|
@ -1160,12 +1160,13 @@ void HandshakeCallback(PRFileDesc* fd, void* client_data) {
|
|||
}
|
||||
|
||||
Telemetry::Accumulate(Telemetry::SSL_AUTH_ALGORITHM_FULL,
|
||||
cipherInfo.authAlgorithm);
|
||||
channelInfo.authType);
|
||||
|
||||
// RSA key exchange doesn't use a signature for auth.
|
||||
if (cipherInfo.keaType != ssl_kea_rsa) {
|
||||
switch (cipherInfo.authAlgorithm) {
|
||||
if (channelInfo.keaType != ssl_kea_rsa) {
|
||||
switch (channelInfo.authType) {
|
||||
case ssl_auth_rsa:
|
||||
case ssl_auth_rsa_sign:
|
||||
AccumulateNonECCKeySize(Telemetry::SSL_AUTH_RSA_KEY_SIZE_FULL,
|
||||
channelInfo.authKeyBits);
|
||||
break;
|
||||
|
|
|
@ -1288,12 +1288,12 @@ static const CipherPref sCipherPrefs[] = {
|
|||
{ "security.ssl3.dhe_rsa_aes_256_sha",
|
||||
TLS_DHE_RSA_WITH_AES_256_CBC_SHA, true },
|
||||
|
||||
{ "security.ssl3.ecdhe_psk_aes_128_gcm_sha256",
|
||||
TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256, true },
|
||||
{ "security.ssl3.ecdhe_psk_chacha20_poly1305_sha256",
|
||||
TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256, true },
|
||||
{ "security.ssl3.ecdhe_psk_aes_256_gcm_sha384",
|
||||
TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384, true },
|
||||
{ "security.tls13.aes_128_gcm_sha256",
|
||||
TLS_AES_128_GCM_SHA256, true },
|
||||
{ "security.tls13.chacha20_poly1305_sha256",
|
||||
TLS_CHACHA20_POLY1305_SHA256, true },
|
||||
{ "security.tls13.aes_256_gcm_sha384",
|
||||
TLS_AES_256_GCM_SHA384, true },
|
||||
|
||||
{ "security.ssl3.rsa_aes_128_sha",
|
||||
TLS_RSA_WITH_AES_128_CBC_SHA, true }, // deprecated (RSA key exchange)
|
||||
|
|
Загрузка…
Ссылка в новой задаче